Cybersecurity Analysis is a US-based consultancy providing standards-based cyber-security services to agencies and organisations in the rail (freight and passenger), oil and gas, and pipeline sectors.

The company supplies cyber-security services for transit agencies, ensuring applications such as signalling and communications systems are comprehensively reviewed and protected.

Strategic and tactical services for cyber-security risk management

Cybersecurity Analysis fulfils a wide range of cyber-security needs, focusing on the specific risk management challenges inherent in automated control systems, such as industrial or supervisory control and data acquisition systems.

The company helps its clients to build bridges between management, IT, operations and police employees.

It also helps clients to identify and mitigate plausible risks to automation systems, such as positive train control (PTC), communications-based train control (CBTC), automatic train supervision (ATS), and vital systems.

Cybersecurity Analysis offers a range of standards-based services to address the most challenging cyber-security issues. The company’s expertise is with ISO, NIST, APTA, ISA, and IEC standards.

Cybersecurity Analysis’s services cover the following:

Cybersecurity strategy: selecting a standards-based risk management approach that meets industry best practices and is tailored to clients’ needs

Cyber-security breach prevention

Cybersecurity Analysis addresses security breaches, such as those reported by the DHS, Transportation Security Administration (TSA), the US Computer Emergency Readiness Team (US-CERT) and their Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

Cyber-security issues and rail-specific risks

Cybersecurity Analysis’s solutions can help defend its clients from threats performed by hackers. These include signal tampering, vehicle control manipulation, theft of confidential human resources or revenue information, and defacement of announcement boards, websites, or public address systems.

Cybersecurity Analysis is equipped to combat rail-specific challenges, such as geographically dispersed equipment and vulnerable rights-of-way, for vendors and regulators directly connected to railroad IT systems.

Consistent, customisable solutions for rail companies

Cybersecurity Analysis has expertise in systems that control equipment, communications, and signalling. The company uses this knowledge to identify the ‘weak spots’ where processes and IT systems converge.

The company works in tandem with IT departments, as well as signals and communications personnel, to address specific operational challenges.

Cybersecurity Analysis trains its clients’ staff, highlighting each person’s critical role in creating a cyber secure operation. The company aims to create a self-sustaining cyber-security risk management culture for its clients.